Implementing One-way Encryption in PHP [con't]
This application offers the user two methods of storage. The first is storage in a local file and the second is storage in a database. Granted, storing information in a local file is not exactly safe, but because in our case the text will be encrypted, we are relatively safe. As far as the password is concerned, we are even safer because we will be using one-way encryption.
We have to both read and write from files, so let's take a look at what these involve. First, we need to open a file. We use the
fopen() function to do this. This function takes two arguments: one is the text file name and the other is the mode of opening the file. There are various file-opening modes. Table 1 lists all the modes and their meanings.
Table 1. PHP File-opening Modes
|r||Reading only Â Begins reading the start of the file|
|r+||Reading or writing Â Begins reading the start of the file|
|w||Writing only Â Creates the file if it does not exist, and overwrites any existing contents|
|w+||Reading or writing Â Creates the file if it does not exist, and overwrites any existing contents (when writing)|
|a||Writing only Â Creates the file if it does not exist, and appends the new data to the end of the file|
|a+||Reading or writing Â Creates the file if it does not exist, and overwrites any existing contents (when writing)|
|x||Writing only Â Creates the file if it does not exist, but only issues a warning if the file does exist|
|x+||Reading or Writing Â Creates the file if it does not exist, but do nothing, issue a warning, if the file does exist|
To do the actual reading of the files contents, we use the
fread()function. This function takes two arguments: the file pointer and the integer length. Its syntax is something like this:
After opening and using a file, we need to close it. We use the
fclose() function to do this. The
fclose() function has the following syntax:
Before attempting to write to a file, we need to check whether the file exists. We do this by using the
fileexists() function, which takes on parameter that is the file name. So it is fairly easy to work with files compared with writing and reading data from databases. A complete example of reading from file would look something like this:
And to write to a file we do:
Writing to a database is of course more secure, although it is a bit more complicated depending on which database type you use. For the purposes of this application we will use the MySQL database server. To connect to a database, we need to connect to the server first. Below is an example of how to connect to the server:
In the above piece of code, you start by setting the host and database names and then you set a database resource and store its contents in a variable called
$dbc. To actually connect to the server you use the
mysql_connect() function. After connecting to the server, you connect to the database.
When you are connected, you can extract, insert, delete and update data as needed.
Original: May 17, 2010